General
Target: 53eb768c595f543461eb7a3c7f8adb50132a10ff5dc7332305cf98edc854aa3e
Size: 432KB
Sample: 241001-yzs1paydmm
MD5: 479f9c833381a37ce493853c432a57fa
SHA1: 3985ff1849ebd9cd7c8122683660f33aa295edda
SHA256: 53eb768c595f543461eb7a3c7f8adb50132a10ff5dc7332305cf98edc854aa3e
SHA512: d34dd2c1a35a017b5c85148ec0b89d5db9d7fbd600f1840b837225b45e04599a1bbb700db4592f47e7405b38e2418061dd18b04ef7c9fd20044fe5e7b0b8237d
SSDEEP: 12288:kov9YJjrV+pJR6cuXFqaYCL9yKASIAcl3hkWWlyvQ5:B+JHVyR6xXky0KASbcdh6yvQ5
Behavioral task: behavioral1
Sample: 53eb768c595f543461eb7a3c7f8adb50132a10ff5dc7332305cf98edc854aa3e.dll
Resource: win7-20240903-en
Malware Config
Targets
Target: 53eb768c595f543461eb7a3c7f8adb50132a10ff5dc7332305cf98edc854aa3e
Detect Blackmoon payload
Gh0st RAT payload
Suspicious use of NtCreateUserProcessOtherParentProcess
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Suspicious use of SetThreadContext